SRX Services Gateway
Blogs
Discussion Forums
Programs & Events
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Reply
Topic Options
fbouzemarene
Contributor
fbouzemarene
Posts: 35
Registered: ‎03-06-2008
0
Accepted Solution

Policy based routing and source routing on srx210

Options

‎08-21-2009 03:42 AM

Hi,

 

i have just configured PBR on a srx210 using Firewall filter.

The goal was to redirect FTP traffic to isp1 and other traffic to isp2.

 

Now what i just want to achieve is resiliency : when isp1 is down ftp traffic will still transit using isp2 and the same for the other traffic when isp2 is down.

 

Other question : How to implement Source based routing ?

 

Many thanks 

Message 1 of 11 (16,431 Views)
 
Reply
Juniper Employee
Juniper Employee
xhoms
Posts: 33
Registered: ‎08-20-2009
0

Re: Policy based routing and source routing on srx210

Options

‎08-21-2009 06:33 AM

All that you need is a way to make the routes to isp1 inactives when it is not ready to handle traffic. The same for isp2

 

The PBR won't send any traffic through inactive routes.

 

There are some references on how to achieve this with event-scripts & RPM  (track-ip behavior)

 

Xavi

Message 2 of 11 (16,470 Views)
 
Reply
fbouzemarene
Contributor
fbouzemarene
Posts: 35
Registered: ‎03-06-2008
0

Re: Policy based routing and source routing on srx210

Options

‎08-21-2009 06:41 AM

ok 

 

i will look at that as i am not very "fluent" on junos or maybe do you have a set of commands to do that....:smileyhappy:

 

any suugestion for source based routing? i see that i can enable source routing on the routing instance then what must i do?

 

many thanks

Message 3 of 11 (16,470 Views)
 
Reply
Juniper Employee
Juniper Employee
xhoms
Posts: 33
Registered: ‎08-20-2009
0

Re: Policy based routing and source routing on srx210

Options

‎08-21-2009 07:19 AM

Take a look at the thread at http://forums.juniper.net/jnet/board/message?board.id=JUNOS&message.id=222&query.id=532507#M222

I'll try to find an example for you. Do you have any email account where I could send some attachements?
Message 4 of 11 (16,465 Views)
 
Reply
fbouzemarene
Contributor
fbouzemarene
Posts: 35
Registered: ‎03-06-2008
0

Re: Policy based routing and source routing on srx210

[ Edited ]
Options

‎08-21-2009 08:06 AM - last edited on ‎12-10-2009 04:53 AM by Trusted Expert Trusted Expert

thank you for the link that i will check right now.

 

i think my email is visble in my profile but here it is :

 

farid.bouzemarene

 

_at_

 

magirus.com

 

many thanks

Message 5 of 11 (16,457 Views)
 
Reply
Exyza_1
Regular Visitor
Exyza_1
Posts: 2
Registered: ‎08-24-2009
0

Re: Policy based routing and source routing on srx210

Options

‎08-24-2009 03:27 AM

Hi All I;m also struggling abit with the Srx Gateways , is there any documentation or examples for a PBR setup.

 

I'm trying to create a filter with destinations port 80 to go to a diffrent next hop but there is no next hop option on the filter actions.

How would I do that ?

Message 6 of 11 (16,415 Views)
 
Reply
fbouzemarene
Contributor
fbouzemarene
Posts: 35
Registered: ‎03-06-2008
0

Re: Policy based routing and source routing on srx210

Options

‎08-24-2009 03:49 AM

Hi,

 

you have to create a forwarding type Routing Instance ( where you will add a static route for 0.0.0.0/0 and the next-hop for your router ) and the action filter have to be routing-instance where you will specify the routing instance name that you created early.

 

let me know if it helps ....

Message 7 of 11 (16,410 Views)
 
Reply
Exyza_1
Regular Visitor
Exyza_1
Posts: 2
Registered: ‎08-24-2009
0

Re: Policy based routing and source routing on srx210

[ Edited ]
Options

‎08-24-2009 04:02 AM - edited ‎08-24-2009 04:47 AM

Ah ok thats perfect , so for my setup I'll have three routing instanaces.
 
Local LAN

Main Mpls Router

Backup ADSL Link

 

But then which way is the best way to failover between the routing instances bfd or periodic events ?

Becuase I want to push al web traffic ovewr the adsl and rest via the main link with qos and the nfailover vice versa between both.

 

But I see I get route loop errors when I try to route between the instances  , so then what instance-type did you use ?

Message Edited by Exyza_1 on 08-24-2009 04:47 AM
Message 8 of 11 (16,406 Views)
 
Reply
fbouzemarene
Contributor
fbouzemarene
Posts: 35
Registered: ‎03-06-2008
0

Re: Policy based routing and source routing on srx210

Options

‎08-24-2009 07:07 AM

forwarding instance
Message 9 of 11 (16,381 Views)
 
Reply
pkc
Contributor
pkc
Posts: 111
Registered: ‎09-24-2008
0

Re: Policy based routing and source routing on srx210

Options

‎12-10-2009 02:44 AM

there is an example described in here :

http://forums.juniper.net/t5/SRX-Services-Gateway/filter-based-forwarding-question/m-p/27786

 

hope this'll help.

Message 10 of 11 (15,447 Views)
 
Reply
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.